Shibboleth Developer's Meeting, 2020-07-17
Call Administrivia
09:00 Central US / 10:00 Eastern US / 15:00 UK / 17:00 FI
Calls are normally the 1st and 3rd Fridays of each month. Next call would be Friday 2020-08-0107. Any reason to deviate from this?
60 to 90 minute call window.
This week's call will use the Zoom system at GU, see ZoomGU for see ZoomGU for access info.
AGENDAAdd items for discussion here
- Board meeting updates
Attendees:
Brent
- Realized we do need the complexity of plugin model. Because the current model already uses hashed filenames, for user-facing reasons need to use that original hashed form also.Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key OSJ-304
Daniel
Henri
- Offline for most of July (on vacation) - Unable to attend today
Jira Legacy server Shibboleth JIRA serverId 180d847f-bce4-36b2-9964-771bff586829 key JOIDC-5 - Got client secret value resolution working via "custom" Attribute Resolver service (thanks to Scott and Rod!)
- Polishing other parts (style, Javadoc, unit tests, ..)
Ian
- Fun with concurrency
- It's update-all-the-Javas time again
Marvin
Phil
- On leave, so will not able to attend.
- Pushed the current alpha of the new Duo plugin - see /wiki/spaces/DEV/pages/1196393248 if you want to try it in the testbed.
- Should have improved the POM from the last email.
- Still lots to do, see the email for details.
- I am sure things will need changing around once others have taken a look.
- Sorry if I missed the email, but are plugins going to have their own Jira (issues) project, or will things go into the IdP project under a specific component name?
Rod
- Major idp-parent pom surgery.
- TL;DR: the parent pom doesn't specify any dependencies, just managed ones.
- Derived poms suitable adjusted and analyzed.
- Plugins
- Installer work class done
- CLI is under consideration
- Also considering a change to the remote info mechanism:
Rather than a series of mechanically derived URLs from a provided base URL (which requires a fixed layout web server) use a single property file (which can serve multiple plugins and multiple versions) with mechanically derived property names to cover version and download addresses. - This will allow us to add the "update" thing trivially to the command line tool.
Scott
Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key JSE-38 - Command line for simple Java code that requires Spring bean services, designed to operate against IdP installation tree
Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key IDP-1522 Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key IDP-1637 - Consensus is to add the missing logging shims, will do this before 4.1 ships
Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key OSJ-321 - The clone/marshalling code's probably not right, but not sure what the best workaround is.
Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key IDP-1014 - Acquiring token seeds is pluggable, and a CredentialValidator consuming a TOTPContext is built
- Flow won't be too complex, should allow for token code passed along from password form or via a second form
Jira Legacy server Shibboleth JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 180d847f-bce4-36b2-9964-771bff586829 key IDP-1640 - Laying groundwork to start migrating as much system material into jars as possible, possibly removing some config files unless people add them to support particular features
- Plugins should where possible have default behavior in the absence of new config files
Tom
- EC2 Jenkins node updates
- ec2.s.n updates ?
...